<?php
//引入初始化文件
include '../init.php';
//引入数据库连接文件
include DIR_CORE .'mysql.php';
//接受数据
$user = trim($_POST['name']);
$password = trim($_POST['password']);

//判断数据合法性
if (empty($user)||empty($password)) {
    jump('../view/login.html', '用户名与密码不能为空！');
}
//连接数据库取数据验证
$sql = "select * from user where name='$user'";
//echo $sql;
$res = mysqli_query($link, $sql);
$row = mysqli_fetch_assoc($res);

if (mysqli_affected_rows($link)==0) {
    jump('../view/login.html', '用户名不存在！');
}

if (md5($password)===$row['password']) {
    //验证成功
    setCookie('user_id', $row['id'], 0, '/');
    session_start();
    //建立会话区，将信息存在session中
    $_SESSION['userInfo']=$row;
    jump('../index.php');
} else {
    jump('../view/login.html', '密码错误！');
}
